Thursday, February 21, 2013

Let's say you want to run your ExtJS application on example.com, but run your REST API at example-api.com . Normally, you cannot do this without resorting to JSONP (GETs only), or a server proxy, due to security restrictions. However, it can be done safely using CORS, which modern browsers support.

I've been using Java Spring Roo for creating my REST API. Unfortunately, it does not support CORS out of the box. Here's how to set it up.